This class provides commands that interact with the timestomp feature set of the privilege escalation extension.
This command provides the same level of features that vinnie's command line timestomp interface provides with a similar argument set.
# File lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb, line 52 def cmd_timestomp(*args) if (args.length < 2) print_line("\nUsage: timestomp file_path OPTIONS\n" + @@timestomp_opts.usage) return end file_path = args.shift modified = nil accessed = nil creation = nil emodified = nil @@timestomp_opts.parse(args) { |opt, idx, val| case opt when "-m" modified = str_to_time(val) when "-a" accessed = str_to_time(val) when "-c" creation = str_to_time(val) when "-e" emodified = str_to_time(val) when "-z" print_line("#{val}") modified = str_to_time(val) accessed = str_to_time(val) creation = str_to_time(val) emodified = str_to_time(val) when "-f" print_status("Setting MACE attributes on #{file_path} from #{val}") client.priv.fs.set_file_mace_from_file(file_path, val) when "-b" print_status("Blanking file MACE attributes on #{file_path}") client.priv.fs.blank_file_mace(file_path) when "-r" print_status("Blanking directory MACE attributes on #{file_path}") client.priv.fs.blank_directory_mace(file_path) when "-v" hash = client.priv.fs.get_file_mace(file_path) print_line("Modified : #{hash['Modified']}") print_line("Accessed : #{hash['Accessed']}") print_line("Created : #{hash['Created']}") print_line("Entry Modified: #{hash['Entry Modified']}") when "-h" print_line("\nUsage: timestomp file_path OPTIONS\n" + @@timestomp_opts.usage) return end } # If any one of the four times were specified, change them. if (modified or accessed or creation or emodified) print_status("Setting specific MACE attributes on #{file_path}") client.priv.fs.set_file_mace(file_path, modified, accessed, creation, emodified) end end
Generated with the Darkfish Rdoc Generator 2.